Symantec Norton Internet Security 2003 6.0.4.34 - Error Message Cross-Site Scripting

EDB-ID:

23304




Platform:

CGI

Date:

2003-10-27


source: https://www.securityfocus.com/bid/8904/info

It has been reported that Symantec Norton Internet Security is prone to a cross-site scripting vulnerability. The issue is reported to exist when the software blocks a restricted website and an error message containing the requested URL is returned to the user. This URL is not sanitized for malicious input therefore allowing a remote attacker to execute HTML or script code in the browser of a user running the vulnerable software. The script code would run in the context of the blocked site.

Successful exploitation of this attack may allow an attacker to steal cookie-based authentication information that could be used to launch further attacks.

Norton Internet Security 2003 v6.0.4.34 has been reported to be prone to this issue, however other versions may be affected as well.

http://www.example.com/page.cgi?<SCRIPT>alert(document.domain)</SCRIPT>